New Search

Cisco IOS MPLS VPN May Leak Information Vulnerability

oval:org.mitre.oval:def:5919

A "logic error" in Cisco IOS 12.0 through 12.4 when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured sometimes causes a corrupted route target (RT) to be used which allows remote attackers to read traffic from other VPNs in opportunistic circumstances.

Family:
ios
Status:
ACCEPTED
Platform(s):
  • Cisco IOS
Class:
vulnerability
Reference(s):
  • CVE-2008-3803
Product(s):